Main enhancements:
- Improved documentation
- Wfuzz scriptable API
- wfpayload and wfencoder utils
- wfuzz.ini for general and plugin options
- Improved filter language (introspection, operators, functions, FUZZ keyword).
- Introspection using FUZZ[field]
- Allow to run wfuzz from any folder
- Wfuzz could be installed using pip
- Dictionaries are automatically looked for at the specified directories
- Test cases
- Ability to store and reuse previous results
New features:
- req-delay and conn-delay switches
- dry-run switch
- X switch allows to specify method (removed -I switch).
- o switch writes printer output to a file
- p switch for proxy specification supports repetition
- L switch is equivalent to --follow
- zP swtich to specify further parameters to payloads
- u switch for specifying an URL
- Simple/advanced help switches
- prefilter/slice for filtering payloads.
- Improved help for payloads and plugins
Other enhancements:
- Code reorganization (using a queue pipeline for processing results).
- Bugs fixing
- Improved error handling
- Personal plugins could be stored in user's home folder.
- Plugins are stored in directories in separated files
- Improved FuzzRequest object for easier access to cookies, params...
- Plugin runtime/loading errors do not block wfuzz execution.
- A request is repeated a number of times if fails.
- Validate CLI options.
- BeautifulSoup integration
- Plugins can perform their own requests outside the execution pipeline.
- Option to encode space in the URL
- FUZZ keyword for ss/hs switches
- Improved scripts and payloads structure for creating new plugins
Plugins:
- Check for errors (WIP)
- json printer
- burplog and burpstate payloads
- wfuzzp payload
- net ipaddress payload
- dirwalk payload
- title plugin
- Backup plugin
- CVS entries plugin